How severe is CVE-2019-1148?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2019-1148?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2019-1148 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.

Related Vulnerabilities

CVE-2006-5393

MEDIUM

CVSS:5.5(Medium)

Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written...

CWE-1252006

CVE-2014-8355

MEDIUM

CVSS:5.5(Medium)

PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

CWE-1252014

CVE-2014-8562

MEDIUM

CVSS:5.5(Medium)

DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

CWE-1252014

CVE-2014-9816

MEDIUM

CVSS:5.5(Medium)

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.

CWE-1252014

CVE-2014-9818

MEDIUM

CVSS:5.5(Medium)

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.

CWE-1252014

CVE-2014-9844

MEDIUM

CVSS:5.5(Medium)

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CWE-1252014